In 2015, Cobalt Strike 3.0 hit the market as a standalone adversary emulation program. The program works by emulating an actual attack from advanced threat actors, showing users exactly where their defenses are weak and in need of improvement. This is a change from past instances when Cobalt Strike was used more as a second-stage tool that played a role once the targeted systems had already been accessed.Ĭobalt Strike first surfaced in 2012 as a tool to help organizations detect gaps in their security defenses. Infoblox discovers rare Decoy Dog C2 exploitĪt RSA, Akamai put focus on fake sites, API vulnerabilitiesĮlectronic data retention policy (TechRepublic Premium)Īnalyzing the illegitimate use of Cobalt Strike, Proofpoint said it found that the tool is increasingly being used by attackers as an initial access payload, meaning it’s enlisted to deploy the initial malicious payload onto victimized machines. SEE: Ransomware: What IT pros need to know (free PDF) Must-read security coverageġ0 best antivirus software for businesses in 2023 Popular penetration testing program Cobalt Strike saw a 161% increase in malicious use from 2019 to 2020 and is considered a high-volume threat for 2021, according to a report released Tuesday by security provider Proofpoint. The same powerful tool used by organizations to enhance their security is being adopted by cybercriminals to help break through their security. Normally used by organizations for penetration testing, Cobalt Strike is exploited by cybercriminals to launch attacks, says Proofpoint. ![]() How legitimate security tool Cobalt Strike is being used in cyberattacks
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |